stevemurray1990
commented
5 years ago Has this been added? If so, it would be great if you can share a demo implementation for iOS and MacOS. :)
Closed XMB5 closed 3 years ago
stevemurray1990
commented
5 years ago Has this been added? If so, it would be great if you can share a demo implementation for iOS and MacOS. :)
keeshux
commented
5 years ago Open issue = not added (yet?) 😎
tmthecoder
commented
4 years ago I'd be open to helping with this, but do not have much of knowhow on adding this vs implementing it in OpenVPN itself. On OpenVPN you can just patch it, would you mind giving me a rundown on what is similar code-related on here and OpenVPN?
keeshux
commented
4 years ago @tmthecoder there's a PR open.
tmthecoder
commented
4 years ago @keeshux my bad if there's anything I can do to help, I'm available as I am looking for an active xor capable client as well
joosth9n
commented
4 years ago Isn't tls-crypt, which is already supported, more effective or the same in effectiveness in bypassing firewalls? I have customers happily using OpenVPN with tls-crypt enabled to bypass the GFW, without xorpatch.
tmthecoder
commented
4 years ago @joosthoogendoorn Based in my experimentation with tls-crypt vs xor patch I've found the xor patch to obfuscate the packet more with tls-crypt being detectable as an openvpn packet if listening for them. Xor on the other hand ends up making it unknown traffic, at least according to my own private testing. Personally, I use both in combination as xor can be decrypted at times but tls-crypt also adds that extra tls layer of encryption
Retro-Fitt
commented
4 years ago @keeshux I think proxy.sh safejumper already implemented xor feature.I am not an expert on ios code but please have a check if helps https://github.com/proxysh/Safejumper-for-iOS @tmthecoder yes i tottaly agree with you. tls-crypt is an option for evading DPI firewalls but not as effective as xor in my case also detected by firewall time to time.(i have been using xor on android for almost 2 years no issues at all.) I think it depends on DPI software which changes by goverment or ISP.
Retro-Fitt
commented
4 years ago Any news on subject?
HosseyNJF
commented
4 years ago +1
makoni
commented
3 years ago @keeshux do you have any plans for that one? I see that there's PR already for that: https://github.com/passepartoutvpn/tunnelkit/pull/170
Would love to see that feature in TunnelKit 🤞
Summary
One useful feature that can be added to OpenVPN is the scramble xor patch (github). It XORs all bytes sent by openvpn, evading firewalls. It would be a great addition to passepartout that would make it stand out from the official iOS OpenVPN app, and it should be relatively simple to implement.
Original reddit post